Business

According to experts on kernel level anticheat, two things are abundantly clear- 1) It’s not perfect and 2) It’s not going anywhere-

Like Denuvo DRM or shader compilation stutter, “kernel level anticheat” is one of the most high profile issues dogging PC gaming in recent years. The default position of most gamers is that it’s a crutch used by “lazy devs”, it ruins performance, and could even compromise security. However, after reading games marketing veteran Ryan K. Rigney’s Push to Talk report, in which he interviews multiple professional anticheat experts, it’s clear that the tech’s here to stay regardless.

For the uninitiated, what it means when anticheat is operating at kernel level is that it’s running at the deepest, most authoritative layer of your operating system. Developers appreciate that level of control in detecting and shutting down cheat programs, pre-empting them with a maximum level of system authority. Many consumers understandably take issue with relinquishing that level of control to a third party. 

For one instructive example of the power and invasiveness of these tools, look no further than the high profile Destiny raider who lost his account after the game’s anticheat flagged a cheat engine program he had installed for the single player Shogun: Total War 2 and never used on Bungie’s FPS-MMO.

That feeling of intrusion can often result in a tense, sometimes hysterical tone to conversations about the software: review bombs, threats, more “lazy dev” discourse, etc. The experts that Rigney interviewed are clearly well aware of how unpopular kernel level anticheat is with some players. His Odyssey Interactive colleague, software engineer Paul Chamberlain, calls it “a cursed field to work in.”

Riot Games head of anticheat, Phillip Koskinas, argues that developers essentially have to be secretive about how their anticheat works in order to retain every advantage against cheat developers, who are themselves constantly searching for vulnerabilities. That secrecy, though understandable in an arms race against cheats, doesn’t help the tech’s reputation among gamers.

I’m less worried about developers abusing kernel access, and more concerned with potential vulnerabilities introduced for third-party actors to exploit. Rigney cited two examples: the infamous Extended Copy Protection (XCP) from Sony, which bad actors used to compromise affected systems, as well as a backdoor vulnerability introduced by Street Fighter 5’s kernel level anticheat. In 2022, a ransomware developer also took advantage of Genshin Impact’s kernel level anticheat to disable antivirus processes.

However, all the experts Rigney talked to agree on a compelling argument: it’s in a developer’s best interest not to breach customers’ trust by abusing kernel level access or offering a product that negatively impacts their system. Further, they argue that you don’t need kernel level access to do some serious damage to a PC, and I was reminded of FromSoftware’s catastrophic security failure with the entire Soulsborne catalogue on PC (until Elden Ring, FromSoft did not use kernel level anticheat). That vulnerability resulted in the games’ multiplayer modes being shut down for months in 2022.

Unfortunately, being online on any device in 2024 carries risk: Your fridge has experienced a ransomware attack after downloading a new firmware update, someone’s impersonating you on Twitter trying to get Amazon gift cards, and every other email you receive is trying to phish for your bank details. Ape is killing ape in the hour of wolves, baby, and the one thing that’s truly true on the internet is you can’t trust anyone. 

“Any software you put on your machine can be used to take it over,” Roblox’s head of anti-cheat, Clint Sereday, explained to Rigney. Chamberlain emphasized the trust factor, noting the level of authority non-kernel level programs still have: “It can do anything you can do. If you can use your webcam, it can use your webcam. Kernel or not kernel, it does not make a difference to the level of danger posed to you by unknown software. The whole argument is kind of a distraction.”

And, at the end of the day, it’s the continued proliferation and profitability of cheating in games that’s driven us to this point. Some gamers even willingly embrace kernel level anticheat for its more certain protection. Public policy researcher Jonathan Hofer wrote last December about FACEIT, a platform with kernel level anticheat that some gamers willingly play Counter-Strike 2 on⁠—the game itself uses other, seemingly less effective forms of anticheat. But another issue is that this platform is owned by the Savvy Gaming Group, which is a subsidiary of the Public Investment Fund of Saudi Arabia, a government well known for digital surveillance and other breaches of privacy.

Much as I personally don’t like it, there is a demand from both players and developers to keep games clean, and the professionals charged with doing so have a clear and understandable incentive to keep using kernel level access⁠—issues aside, it seems undeniable that it is more effective at preventing cheating. I’d say vote with your wallet, but I’m certainly not going to stop playing Elden Ring or Armored Core 6 just because of their use of kernel level Easy Anti-Cheat.

Related Posts

Secret Mode splits from Sumo to become independent publisher

Update (3/4/2025): As a result of its independence from Sumo Group, Secret Mode has made a "small number" of layoffs. Developers first revealed they were impacted on LinkedIn….

Official Mario Kart Switch Racing Wheel Drops To New Low Price At Amazon

If you own of the 63 million (and counting) copies of Mario Kart 8 Deluxe–it’s the best-selling Switch game of all time by a wide margin–and want to…

New Star Wars Tamagotchi Asks You To Raise And Nurture Darth Vader

Tamagotchi normally task you with raising a cute alien creature from egg to adult, giving you a fun virtual pet to dote over as you watch it grow….

Amid The Pokemon Card Craze, One Guy Is Giving Thousands Of Cards Away To Kids

Pokemon cards are all the rage right now, but one print shop owner is giving his cards away to kids for free. Derek Joyal of Warwick, Rhode Island…

Assassin's Creed II Review

“Nothing is true; everything is permitted.” We learned this adage in the original Assassin’s Creed, and Assassin’s Creed II carries on the tradition beautifully, inspiring you to rethink…

Battlefield 6 Reveal Coming Today- How To Watch And Latest Leaks On Beta Test And More

Battlefield 2042, or Battlefield 6, which isn’t actually the sixth game, or whatever the new Battlefield game is called, will be announced today. The official Battlefield Twitter channel…